Cybercriminals behind the Optus data breach leaked 10,200 customer records in an attempt to force and extort $1 MILLION from the Australian telecom.

https://thehackernews.com/2022/09/hacker-behind-optus-breach-releases.html

After a few hours, however, the hacker apologized and said he had deleted the stolen data.

North Korea's Lazarus hackers are targeting macOS users by luring them with job offers on cryptocurrency exchanges.

Read: https://thehackernews.com/2022/09/north-koreas-lazarus-hackers-targeting.html

As many as 75 apps on Google Play and 10 on the Apple App Store, with a total of 13 million downloads, have been discovered to be involved in an ongoing ad fraud campaign.

Read: https://thehackernews.com/2022/09/experts-uncover-85-apps-with-13-million.html

Researchers warn of a new ongoing malicious campaign distributing NullMixer malware that steals victims' credentials, addresses, credit card data, cryptocurrencies, as well as Facebook and Amazon accounts.

Read: https://thehackernews.com/2022/09/new-nullmixer-malware-campaign-stealing.html

Ukrainian government has issued a warning that Russia is planning attacks on critical infrastructure facilities in the country and its allies.

Read: https://thehackernews.com/2022/09/ukraine-says-russia-planning-massive.html

WhatsApp for Android and iOS patches two critical remote code execution vulnerabilities that could have allowed attackers to remotely hack targeted devices.

Read: https://thehackernews.com/2022/09/critical-whatsapp-bugs-could-have-let.html

Facebook's parent company Meta has announced that it has taken steps to dismantle two covert political influence operations originating from China and Russia.

Read: https://thehackernews.com/2022/09/facebook-shuts-down-covert-political.html

Russian state-sponsored hackers have been found using a method of deploying malware that takes advantage of mouse movements in decoy Microsoft PowerPoint documents to execute code.

Read: https://thehackernews.com/2022/09/hackers-using-powerpoint-mouseover.html

Cybercriminals are using a tool called "Quantum Builder" sold on the Dark Web to generate malicious LNK, HTA, and PowerShell payloads to deliver "Agent Tesla" RAT malware to targeted systems.

Read: https://thehackernews.com/2022/09/cyber-criminals-using-quantum-builder.html

Researchers have discovered a new, multi-functional Go-based malware dubbed "Chaos" that has spread rapidly in recent months, infiltrating Windows, Linux, small office/home office routers (SOHO) and enterprise servers into its botnet.

Read: https://thehackernews.com/2022/09/researchers-warn-of-new-go-based.html

Indian Swachh City platform has suffered a data breach leaking 16 million user records of its users.

Read: https://thehackernews.com/2022/09/swachh-city-platform-suffers-data.html

Several hacktivist groups are using Telegram and other tools to aid anti-government protests in #Iran to bypass regime censorship restrictions amid ongoing unrest in the country.

Read: https://thehackernews.com/2022/09/hackers-aid-protests-against-iranian.html

Multiple military and weapons contractor companies are being targeted by a new covert attack campaign that uses multi-stage malware infection.

Read: https://thehackernews.com/2022/09/researchers-uncover-covert-attack.html

Brazilian hacking group Prilex has resurfaced after a year-long hiatus with a sophisticated and complex point-of-sale malware designed to steal money through fraudulent transactions.

Read: https://thehackernews.com/2022/09/brazilian-prilex-hackers-resurfaced.html

Researchers warn of a new unpatched zero-day vulnerability in Microsoft Exchange servers that is being exploited by attackers to achieve RCE on targeted systems.

Read: https://thehackernews.com/2022/09/warning-new-unpatched-microsoft.html

Microsoft confirms that 2 new zero-day vulnerabilities (CVE-2022-41040, CVE-2022-41082) affecting Exchange Server 2013, 2016 and 2019 are being exploited in the wild to take over systems.

Read: https://thehackernews.com/2022/09/microsoft-confirms-2-new-exchange-zero.html

A sophisticated North Korean state-sponsored hacker group has been observed weaponizing open-source software against employees of companies in various industries in the U.S., U.K., India, and Russia.

Read: https://thehackernews.com/2022/09/north-korean-hackers-weaponizing-open.html

In an ongoing malware campaign baiting with fake job offers, attackers are exploiting a known vulnerability in #Microsoft Office to install Cobalt Strike beacons on compromised computers.

Read: https://thehackernews.com/2022/09/new-malware-campaign-targeting-job.html

A threat actor targeting Middle Eastern governments has been observed using a steganographic trick to hide an undocumented backdoor in a Windows logo.

Read: https://thehackernews.com/2022/09/cyber-attacks-against-middle-east.html

Hackers are using new, never-before-seen malware families (VirtualPITA, VirtualPIE, and VirtualGATE) targeting VMware ESXi, Linux vCenter servers, and Windows VMs to seize control of infected systems and evade detection.

https://thehackernews.com/2022/09/new-malware-families-found-targeting.html